GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
135 advisories
Filter by severity
An IDOR vulnerability in the manage-notes.php module in PHPGurukul Online Notes Sharing...
Moderate
Unreviewed
CVE-2024-55232
was published
Dec 19, 2024
Vulnerability of HwWatchHealth being hijacked.Successful exploitation of this vulnerability may...
Moderate
Unreviewed
CVE-2023-34157
was published
Jun 16, 2023
Authentication Bypass by Spoofing vulnerability in Michal Novák Secure Admin IP allows...
Moderate
Unreviewed
CVE-2023-41133
was published
Dec 13, 2024
PAX Technology A930 PayDroid_7.1.1_Virgo_V04.5.02_20220722 allows attackers to compile a...
Moderate
Unreviewed
CVE-2023-27199
was published
Jul 5, 2023
An attacker could cause a select dropdown to be shown over another tab; this could have led to...
Moderate
Unreviewed
CVE-2024-11692
was published
Nov 26, 2024
The incorrect domain may have been displayed in the address bar during an interrupted navigation...
Moderate
Unreviewed
CVE-2024-11701
was published
Nov 26, 2024
In Malwarebytes EDR 1.0.11 for Linux, it is possible to bypass the detection layers that depend...
Moderate
Unreviewed
CVE-2023-29147
was published
Jun 30, 2023
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, macOS...
Moderate
Unreviewed
CVE-2023-42889
was published
Feb 21, 2024
A user who enables full-screen mode on a specially crafted web page could potentially be...
Moderate
Unreviewed
CVE-2024-9391
was published
Oct 1, 2024
An issue in Annonshop.app DecentralizeJustice/ anonymousLocker commit 2b2b4 allows attackers to...
Moderate
Unreviewed
CVE-2024-36588
was published
Jun 13, 2024
Click Studios Passwordstate Core before 9.8 build 9858 allows Authentication Bypass.
Moderate
Unreviewed
CVE-2024-39337
was published
Jun 24, 2024
DESIGNA ABACUS v.18 and before allows an attacker to bypass the payment process via a crafted QR...
Moderate
Unreviewed
CVE-2024-31802
was published
Jun 27, 2024
An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a...
Moderate
Unreviewed
CVE-2024-34397
was published
May 7, 2024
Entrust Instant Financial Issuance (On Premise) Software (formerly known as Cardwizard) 6.10.0, 6...
Moderate
Unreviewed
CVE-2024-39341
was published
Sep 23, 2024
HCL DevOps Deploy / HCL Launch does not invalidate session after logout which could allow an...
Moderate
Unreviewed
CVE-2024-23558
was published
Apr 15, 2024
This issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4. A...
Moderate
Unreviewed
CVE-2024-27853
was published
Jul 30, 2024
If a site had been granted the permission to open popup windows, it could cause Select elements...
Moderate
Unreviewed
CVE-2024-8386
was published
Sep 3, 2024
QUIC in HAProxy 3.1.x before 3.1-dev7, 3.0.x before 3.0.5, and 2.9.x before 2.9.11 allows opening...
Moderate
Unreviewed
CVE-2024-49214
was published
Oct 14, 2024
A vulnerability in the Network Service Group (NSG) feature of Cisco Adaptive Security Appliance ...
Moderate
Unreviewed
CVE-2024-20384
was published
Oct 23, 2024
A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software...
Moderate
Unreviewed
CVE-2024-20299
was published
Oct 23, 2024
A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software...
Moderate
Unreviewed
CVE-2024-20297
was published
Oct 23, 2024
Azure Active Directory Pod Identity Spoofing Vulnerability
Moderate
Unreviewed
CVE-2021-1677
was published
May 24, 2022
An issue has been discovered in GitLab CE/EE affecting all versions before 16.9.6, all versions...
Moderate
Unreviewed
CVE-2024-1347
was published
Apr 25, 2024
In WS_FTP Server versions before 8.8.8 (2022.0.8), a Missing Critical Step in Multi-Factor...
Moderate
Unreviewed
CVE-2024-7745
was published
Aug 28, 2024
Typecho v1.3.0 was discovered to contain a race condition vulnerability in the post commenting...
Moderate
Unreviewed
CVE-2024-35539
was published
Aug 19, 2024
ProTip!
Advisories are also available from the
GraphQL API